CVE-2023-32967

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Feb 2, 2024

Updated: Feb 8, 2024

CWE ID 285

CWE ID 863

Summary

CVE-2023-32967 is an authorization vulnerability affecting several QNAP operating system versions. This issue enables authenticated users to bypass access restrictions over a network. Notably, QTS 5.x and QuTS hero are not impacted. The vulnerability has already been addressed in QuTScloud c5.1.5.2651 and later, as well as QTS 4.5.4.2627 build 20231225 and later.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

QNAP QTS

Affected Vendors

QNAP Systems

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/uYJ4RK
https://www.cve.org/CVERecord?id=CVE-2023-32967
https://nvd.nist.gov/vuln/detail/CVE-2023-32967

Back to Vulnerability Database